[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: hi -tripwire
- To: ports_(_at_)_openbsd_(_dot_)_org
- Subject: Re: hi -tripwire
- From: Daniel Hartmeier <daniel_(_at_)_reichardt_(_dot_)_ch>
- Date: Sat, 30 Sep 2000 17:14:52 +0200
- Organization: Reichardt Informatik AG
On Sat, Sep 30, 2000 at 09:17:07AM -0600, dreamwvr wrote:
> write once media would be ideal as then it would be burned in per se..
> then everytie you commited changes that particular tw.* db would become
> the valid one.. or as you say a hd set physically for ro .. a thought i have
> is that one could say ssh into the system you wanted to eval and then
> push tw over to where you want it then test .. if ok make a new one..
> then get one of the fancy X-bar switches that is either open of closed
> and simple open the circuit again. pretty hard to virtually hack a air
If you're really serious about it, you don't verify the checksums from
within the system at all. You either mount the partitions from another,
know clean system, or boot off a cdrom, mount them and check them from
there. If your system is compromised, you can't rely on tripwire returning
valid results if it's running from that system.
But I'm not sure how many tripwire users actually take these steps,
hence I wonder what would be a reasonable default installation for a
tripwire port. Should the port enforce this kind of use, or just
install it on the system and leave it up to the user to take additional
A false sense of security might be worse than not using tripwire at all,
which is the only real drawback of tripwire, in my opinion.
Visit your host, monkey.org